Solution : https://service.sap.com/sap/support/notes/870127 (SAP Service marketplace login required)
Summary :
This SAP Note provides guidance on enhancing security for SAP Web Dispatcher. It advises keeping the dispatcher updated and configuring custom error pages to prevent exposure of technical errors to end users. Specific parameters such as icm/HTTP/error_templ_path and is/HTTP/show_detailed_errors are suggested. Additionally, using the Web Dispatcher as a URL filter, blocking sensitive URLs, and managing permissions strictly are recommended. Security for the web administration interface is emphasized through HTTPS usage, restricted administration ports, and network-limited access for administration tasks, further ensuring that only authorized clients and internal network hosts can access sensitive administration features.
Key words :
setting icm/http/error_templ_path = /usr/sap/b6m/d13/data/icmerror, parameter icm/http/admin_, /sap/public/icf_info/ block, terms sap web dispatcher, parameter icm/server_port_, /sap/public/icman/, /sap/public/ping, sap web dispatcher, uri permission table, /sap/wdisp/information
Related Notes :
| 538405 | Composite SAP Note: SAP Web Dispatcher |